Commit Graph

198 Commits

Author SHA1 Message Date
edgelessci
06bbdda9dc
docs: add release v2.7.0 (#1592)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-04-05 10:33:16 +02:00
Moritz Sanft
e71c33c88d
cli: print attestation document with constellation verify (#1577)
* wip: verification output

* wip: Azure cert parsing

* wip: print actual PCRs

* wip: use string builder for output formatting

* compare PCR expected with actual

* tests

* change naming

* update cli reference

* update bazel buildfile

* bazel update

* change loop signature
2023-04-03 15:06:27 +02:00
Paul Meyer
176d32599f terraform: add missing permission to AWS iam
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 07:23:00 -04:00
Paul Meyer
63b07ede8a terraform: sort permissions
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-04-03 07:23:00 -04:00
Otto Bittner
c8c2953d7b cli: add status cmd
The new command allows checking the status of an upgrade
and which versions are installed.
Also remove the unused restclient.
And make GetConstellationVersion a function.
2023-04-03 12:03:41 +02:00
Paul Meyer
b8d6b110b1
cli: add missing -y short flag to iam create (#1572)
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-31 17:26:14 +02:00
Moritz Sanft
1f7acf8dfb
docs: list minimal permissions for Constellation setup (#1442)
* add required Azure perms

* add minimal aws permissions

* add minimal gcp permissions

* [wip] split Azure perms by iam create/create step

* Update docs/docs/getting-started/install.md

Co-authored-by: Nils Hanke <Nirusu@users.noreply.github.com>

* Update docs/docs/getting-started/install.md

Co-authored-by: Nils Hanke <Nirusu@users.noreply.github.com>

* minimal gcp permissions for iam create/create step

* escape footnote bracket

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* active voice

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* link to config step

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* add predefined roles for Azure

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* add AWS and GCP predefined min roles

* add Azure attestationprovider perm

* footnote for attestation mode

* Update docs/docs/getting-started/install.md

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>

* accept superset

* fix negation

Co-authored-by: Nils Hanke <Nirusu@users.noreply.github.com>

* update footnote

---------

Co-authored-by: Nils Hanke <Nirusu@users.noreply.github.com>
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-03-30 10:16:57 +02:00
Thomas Tendyck
6fabb2a84b docs: rearrange troubleshooting 2023-03-29 10:57:17 +02:00
Otto Bittner
861bc84f94
cli: only apply upgrades on gcp/azure (#1518)
The constellation-operator currently doesn't support the
necessary operations for AWS, OpenStack and QEMU.
2023-03-24 17:07:14 +01:00
derpsteb
870182987c docs: update cli reference 2023-03-24 08:47:53 +01:00
Otto Bittner
55067b12cd docs: explain how to change cluster measurements
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
2023-03-23 18:08:18 +01:00
Malte Poll
44db16b42e
cli: give Azure uami all perms previously given to app registration (#1334)
This is the first step for deprecating app registrations on Azure.
The user-assigned managed identity (uami) should first gain all permissions that are currently held by the app registration.

* cli: give Azure uami all permissions previously given to app registratio
* docs: document required owner role for user-assigned managed identity on Azure
2023-03-21 10:00:13 +01:00
renovate[bot]
79395ddd20
deps: update ubuntu:22.04 Docker digest to 7a57c69 (#1452)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-17 18:31:20 +01:00
Moritz Eckert
16f2f9bb64
docs: simplify readme svg (#1418) 2023-03-15 12:11:54 +01:00
Paul Meyer
d16f01d810 docs: pin base image of screencast container
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-03-14 13:08:19 -04:00
Thomas Tendyck
1a4c1f34bc
docs: refer to known issues (#1414)
* docs: refer to known issues

* publish
2023-03-14 08:27:06 +01:00
Thomas Tendyck
d8895446de docs: remove pcr warning from asciinema casts 2023-03-13 08:26:56 +01:00
Fabian Kammel
566924caf8
docs: embedd asciinema casts (#1154)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
Co-authored-by: 3u13r <lc@edgeless.systems>
2023-03-11 00:13:32 +01:00
derpsteb
02694c0648 docs: add release v2.6.0 2023-03-09 13:14:28 +01:00
edgelessci
ff7ac40590
docs: update cli reference (#1378)
Co-authored-by: daniel-weisse <daniel-weisse@users.noreply.github.com>
2023-03-08 15:53:25 +01:00
Thomas Tendyck
c94d1db76d attestation: remove PCR 0 and 10 on GCP 2023-03-06 13:09:57 +01:00
Thomas Tendyck
3471d73c6c docs: publish 2023-03-06 10:43:49 +01:00
Thomas Tendyck
c7f0cf1e79 docs: few fixes and rewording 2023-03-06 10:43:49 +01:00
Thomas Tendyck
420fecb986
docs: publish minor fixes (#1220) 2023-03-03 16:45:00 +01:00
Otto Bittner
67a58bcc56 docs: rename components to microservices
Since we now have a config value called microserviceVersion
it hopefully makes it easier for users to understand what
this value controls if we also use the term microservice
in the docs.
2023-03-03 15:40:57 +01:00
Otto Bittner
273225968f docs: rewrite upgrade docs for new commands
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-03-03 15:40:57 +01:00
Nirusu
9867faaf7e docs: update cli reference 2023-03-03 09:12:34 +01:00
Nils Hanke
f67594a5ea docs: adjust wording for resource provider troubleshooting 2023-03-01 16:10:06 +01:00
Nils Hanke
b327287577
docs: mention resource provider registration for Azure (#1308)
Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
2023-03-01 14:35:46 +01:00
Paul Meyer
483c0b47fe
docs: update cli reference (#1293)
Co-authored-by: derpsteb <derpsteb@users.noreply.github.com>
2023-02-28 18:40:10 +01:00
Moritz Sanft
a2096c2e33
docs: add docs on general Terraform usage (#1263)
* add docs on general tf usage

* reminder to not delete terraform dir

* fix spelling check

* add to sidebar

* reference terraform page

* embed link into natural language

* mention iam folder

* separate hack tools from official tf docs

* assume familiarity with tf
2023-02-28 10:36:20 +01:00
Paul Meyer
ca1a594f04
docs: update cli reference (#1292) 2023-02-28 09:31:44 +01:00
github-actions[bot]
95a6bd8030
docs: update cli reference (#1254)
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
2023-02-27 15:36:45 +01:00
miampf
5137e9fa57
cli: iam destroy (#946) 2023-02-24 11:36:41 +01:00
Nils Hanke
3c24fa37e8 docs: specify requirement of 4 vCPUs more clearly 2023-02-22 15:25:51 +01:00
Nils Hanke
573de3191e docs: add support for GCP C2D VMs 2023-02-22 15:25:51 +01:00
Otto Bittner
d78d22f95a
cli: add config kubernetes-versions subcommand (#1224)
Allows users to learn which k8s versions are supported by the
current CLI.
Extend respective docs section.
2023-02-22 09:52:47 +01:00
leongross
ff31f20488 docs: update cli reference 2023-02-21 18:52:28 +01:00
Thomas Tendyck
91c251090f
Fix links and clean lycheeignore (#1219)
* docs: fix links to cilium docs

* docs: clean lycheeignore

* docs: remove link to no longer existing blog post
2023-02-19 21:45:20 +01:00
stdoutput
013be33143 fix terminate docs filename 2023-02-19 16:23:15 +01:00
Moritz Sanft
782b4ec680
extend docs on terraform iam resource destruction (#1217) 2023-02-19 13:17:26 +01:00
derpsteb
d0daf26da7 docs: update cli reference 2023-02-16 08:54:47 +01:00
thomasten
94245416ca docs: update cli reference 2023-02-13 08:39:40 +01:00
Daniel Weiße
c29107f5be
init: create kubeconfig file with unique user/cluster name (#1133)
* Generate kubeconfig with unique name

* Move create name flag to config

* Add name validation to config

* Move name flag in e2e tests to config generation

* Remove name flag from create

* Update ascii cinema flow

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-02-10 13:27:22 +01:00
github-actions[bot]
35d9efd351
docs: generate docs for v2.5.0 (#1059)
Co-authored-by: release[bot] <release[bot]@users.noreply.github.com>
2023-01-23 20:13:24 +01:00
Moritz Eckert
aa1b2f8d30
docs: add missing asterisk reference (#970) 2023-01-23 13:19:51 +01:00
3u13r
03154c6e64
docs: document terraform support (#1037) 2023-01-23 10:37:28 +01:00
Moritz Sanft
88bbfb2065
docs: add docs for automatic config filling of iam values (#1000)
* AB#2821 iam config filling docs

* AB#2821 rephrasing
2023-01-19 10:24:58 +01:00
github-actions[bot]
8664e57c36
docs: update cli reference (#951)
* CLI reference was updated by edgelesssys/constellation@64ec0408

* CLI reference was updated by edgelesssys/constellation@e844ceb2

Co-authored-by: stdoutput <stdoutput@users.noreply.github.com>
2023-01-17 14:39:13 +01:00
Otto Bittner
90b88e1cf9 kms: rename kms to keyservice
In the light of extending our eKMS support it will be helpful
to have a tighter use of the word "KMS".
KMS should refer to the actual component that manages keys.
The keyservice, also called KMS in the constellation code,
does not manage keys itself. It talks to a KMS backend,
which in turn does the actual key management.
2023-01-16 11:56:34 +01:00